package com.swust.security.controller;

import com.swust.security.entity.User;
import com.swust.security.service.UserService;
import com.swust.security.utils.R;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @Author hqf
 * @Date Created in 2021/9/13 22:15
 * @Description
 */
@RestController
@RequestMapping("/admin/acl")
public class AdminController {

    @Autowired
    private UserService userService;
    /**
     * 根据token获取用户信息
     */
    @GetMapping("/info")
    public R info(){
        //获取当前登录用户用户名
        String username = SecurityContextHolder.getContext().getAuthentication().getName();
        User user = userService.selectByUsername(username);
        return R.ok().data("curUser",user);
    }

    /**
     * 用户注销
     */
    @PostMapping("logout")
    public R logout(){
        return R.ok();
    }

    /**
     * 模拟用户操作
     * 需要有add权限才能访问
     */
    @GetMapping("/add")
    @PreAuthorize("hasAuthority('add')")
    public R add(){
        return R.ok().data("msg","add");
    }

    /**
     * 模拟用户操作
     * 需要有delete权限才能访问
     */
    @GetMapping("/delete")
    @PreAuthorize("hasAuthority('delete')")
    public R delete(){
        return R.ok().data("msg","delete");
    }

    /**
     * 模拟用户操作
     * 需要有update权限才能访问
     */
    @GetMapping("/update")
    @PreAuthorize("hasAuthority('update')")
    public R update(){
        return R.ok().data("msg","update");
    }

    /**
     * 模拟用户操作
     * 需要有select权限才能访问
     */
    @GetMapping("/select")
    @PreAuthorize("hasAuthority('select')")
    public R select(){
        return R.ok().data("msg","select");
    }

}
